8331671: Implement JEP 472: Prepare to Restrict the Use of JNI

Reviewed-by: jpai, prr, ihse, kcr, alanb

src/java.base/share/classes/java/lang/foreign/AddressLayout.java

@@ -108,7 +108,7 @@ public sealed interface AddressLayout extends ValueLayout permits ValueLayouts.O
      * @param layout the target layout
      * @return an address layout with same characteristics as this layout, but with the
      *          provided target layout
-     * @throws IllegalCallerException If the caller is in a module that does not have
+     * @throws IllegalCallerException if the caller is in a module that does not have
      *         native access enabled
      * @see #targetLayout()
      */

src/java.base/share/classes/java/lang/foreign/Linker.java

@@ -613,7 +613,7 @@ public sealed interface Linker permits AbstractLinker {
      *         {@code address.equals(MemorySegment.NULL)}
      * @throws IllegalArgumentException if an invalid combination of linker options
      *         is given
-     * @throws IllegalCallerException If the caller is in a module that does not have
+     * @throws IllegalCallerException if the caller is in a module that does not have
      *         native access enabled
      *
      * @see SymbolLookup
@@ -684,7 +684,7 @@ public sealed interface Linker permits AbstractLinker {
      *         supported by this linker
      * @throws IllegalArgumentException if an invalid combination of linker options
      *         is given
-     * @throws IllegalCallerException If the caller is in a module that does not have
+     * @throws IllegalCallerException if the caller is in a module that does not have
      *         native access enabled
      */
     @CallerSensitive
@@ -733,7 +733,7 @@ public sealed interface Linker permits AbstractLinker {
      * @throws IllegalStateException if {@code arena.scope().isAlive() == false}
      * @throws WrongThreadException if {@code arena} is a confined arena, and this method
      *         is called from a thread {@code T}, other than the arena's owner thread
-     * @throws IllegalCallerException If the caller is in a module that does not have
+     * @throws IllegalCallerException if the caller is in a module that does not have
      *         native access enabled
      */
     @CallerSensitive

src/java.base/share/classes/java/lang/foreign/SymbolLookup.java

@@ -285,14 +285,14 @@ public interface SymbolLookup {
      * @throws WrongThreadException if {@code arena} is a confined arena, and this method
      *         is called from a thread {@code T}, other than the arena's owner thread
      * @throws IllegalArgumentException if {@code name} does not identify a valid library
-     * @throws IllegalCallerException If the caller is in a module that does not have
+     * @throws IllegalCallerException if the caller is in a module that does not have
      *         native access enabled
      */
     @CallerSensitive
     @Restricted
     static SymbolLookup libraryLookup(String name, Arena arena) {
         Reflection.ensureNativeAccess(Reflection.getCallerClass(),
-                SymbolLookup.class, "libraryLookup");
+                SymbolLookup.class, "libraryLookup", false);
         if (Utils.containsNullChars(name)) {
             throw new IllegalArgumentException("Cannot open library: " + name);
         }
@@ -319,14 +319,14 @@ public interface SymbolLookup {
      *         is called from a thread {@code T}, other than the arena's owner thread
      * @throws IllegalArgumentException if {@code path} does not point to a valid library
      *         in the default file system
-     * @throws IllegalCallerException If the caller is in a module that does not have
+     * @throws IllegalCallerException if the caller is in a module that does not have
      *         native access enabled
      */
     @CallerSensitive
     @Restricted
     static SymbolLookup libraryLookup(Path path, Arena arena) {
         Reflection.ensureNativeAccess(Reflection.getCallerClass(),
-                SymbolLookup.class, "libraryLookup");
+                SymbolLookup.class, "libraryLookup", false);
         if (path.getFileSystem() != FileSystems.getDefault()) {
             throw new IllegalArgumentException("Path not in default file system: " + path);
         }

src/java.base/share/classes/java/lang/foreign/package-info.java

@@ -165,10 +165,11 @@
  * In the reference implementation, access to restricted methods can be granted to
  * specific modules using the command line option {@code --enable-native-access=M1,M2, ... Mn},
  * where {@code M1}, {@code M2}, {@code ... Mn} are module names (for the unnamed module,
- * the special value {@code ALL-UNNAMED} can be used). If this option is specified,
- * access to restricted methods are only granted to the modules listed by that option.
- * If this option is not specified, access to restricted methods is enabled for all
- * modules, but access to restricted methods will result in runtime warnings.
+ * the special value {@code ALL-UNNAMED} can be used). Access to restricted methods
+ * from modules not listed by that option is deemed <em>illegal</em>. Clients can
+ * control how access to restricted methods is handled, using the command line
+ * option {@code --illegal-native-access}. If this option is not specified,
+ * illegal access to restricted methods will result in runtime warnings.
  *
  * @spec jni/index.html Java Native Interface Specification
  *